SEP-15-2010 14:37

K G R and M

202 659 8822 P. 01

Kile Park Goekjian Reed & McManus pllc

ATTORNEYS AT LAW

1200 NEW HAMPSHIRE AVENUE, N.W., SUITE 570
WASHINGTON, D.C. 20036 USA
TELEPHONE (202) 659-8000
FACSIMILE (202) 659-8822

FACSIMILE TRANSMITTAL SHEET 



Application No.: 10/582,127 


Confirmation No.: 2190 


Applicant(s): Dong-Hyuk Lee


Examiner: Khoshnoodi, Nadia 
(Art unit 2437) 
[Fax No. 571-273-3825]


Title: FLEXIBLE NETWORK SECURITY SYSTEM AND 
METHOD FOR PERMITTING TRUSTED PROCESS 


Atty Docket No.: CMP-0008-SE 




Date: 09/15/2010 


Total Pages (including cover): 3 


Re: Proposed amendments to claims 1 and 4 for discussion during examiner interview.



□ URGENT ☒ FOR REVIEW □ PLEASE COMMENT □ PLEASE REPLY □ PLEASE RECYCLE



THE INFORMATION CONTAINED IN THIS FACSIMILE IS INTENDED FOR THE NAMED RECIPIENTS ONLY. IT MAY CONTAIN PRIVILEGED AND 
CONFIDENTIAL INFORMATION AND IF YOU ARE NOT AN INTENDED RECIPIENT, YOU MUST NOT COPY, DISTRIBUTE OR TAKE ANY ACTION IN 

Dear Examiner Khoshnoodi,

Attached please find proposed amendments to claims 1 and 4 which we would like 
to discuss with you during an examiner interview in connection with the above- 
identified patent application. 

We look forward to discussing these amendments during a telephonic interview with 
you on October 1, 2010 at 1:30pm. 

Thank you. 

Jae Y. Park 

Attorney for Applicant 

Reg. No. 62629 

Tel. No.: 202-263-0809 

For Discussion ONLY
NOT for entry into the Record

Proposed Claim Amendments for Discussion: 

1. (Currently amended) A network security system for 
permitting a trusted process using a firewall, the firewall 
protecting a corresponding network connection of a computer to a 
network by setting restrictions on information communicated 
between networks, comprising: 

a port monitoring unit for extracting information about a 
server port being used by a network communication program; 

an internal permitted program storage for storing a list of
programs permitted to register server ports, wherein the
internal permitted program storage adds a program to the list by
extracting information about [[a]] the program for which
communication is permitted by the firewall and registering the
extracted information in the list;

a firewall flexible device for determining whether the
network communication program extracted from the information
about the server port is registered in the list of programs
stored in the internal permitted program storage; and

an internal permitted port storage registering the 
extracted information about the server port if the firewall 
flexible device determines that the network communication 
program extracted from the information about the server port is 
registered in the list of programs stored in the internal 
permitted program storage; and

[[a]] wherein, the firewall flexible device determining
further determines whether a destination port of a packet of 
inbound traffic has been registered in the internal permitted 
port storage and blocking blocks the packet of inbound traffic 
if the destination port has not been registered. 



PAGE 2/3 * RCVD AT 9/15/2010 2:37:04 PM [Eastern Daylight Time] * SVR:USPTO-EFXRF-6/44 * DNIS:2733825 * CSID:202 659 8822 * DURATION (mm-ss):00-56






4. (Currently amended) A network security method of 
permitting a trusted process using a firewall, the firewall 
protecting a corresponding network connection of a computer to a 
network by setting restrictions on information communicated 
between networks, comprising: 

storing in an internal permitted program storage a list of
programs permitted by the firewall to register server ports;

extracting information about a server port being used by a 
network communication program; 

extracting information about a program for which
communication is permitted by the firewall and registering the
extracted information in an internal permitted program storage;

determining whether the network communication program 
extracted from the information about the server port is
registered in the list of programs stored in the internal
permitted program storage;

registering the information about the extracted server port 
in an internal permitted port storage if the network 
communication program extracted from the information about the 
server port is registered determined to be registered in the
list of programs stored in the internal permitted program 
storage; 

determining whether a destination port of a packet of 
inbound traffic has been registered in the internal permitted 
port storage; and 

blocking the packet of inbound traffic if the destination 
port has not been registered. 
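
A minimal model of the method recited in claim 4, added here as an illustration; it is not part of the fax or of the application. The class and method names, program paths, and port numbers are constructed, and the stale-entry handling in `on_listen` is an assumption that goes beyond what the claim recites.

```python
from dataclasses import dataclass, field


@dataclass
class FlexibleFirewall:
    # "internal permitted program storage": programs allowed to register server ports
    permitted_programs: set = field(default_factory=set)
    # "internal permitted port storage": server ports opened by permitted programs
    permitted_ports: set = field(default_factory=set)

    def permit_program(self, program: str) -> None:
        """Store a program in the list of programs permitted by the firewall."""
        self.permitted_programs.add(program)

    def on_listen(self, program: str, port: int) -> bool:
        """Port-monitoring event: `program` is using server port `port`.

        The port is registered only if the program is in the permitted list.
        Assumption beyond the claim: if an unlisted program takes over a port
        that was registered earlier, the stale registration is dropped.
        """
        if program in self.permitted_programs:
            self.permitted_ports.add(port)
            return True
        self.permitted_ports.discard(port)
        return False

    def filter_inbound(self, dst_port: int) -> str:
        """Block an inbound packet whose destination port is not registered."""
        return "allow" if dst_port in self.permitted_ports else "block"


def run_demo() -> list:
    """Replay constructed port-monitor events, then filter constructed packets."""
    fw = FlexibleFirewall()
    fw.permit_program("/usr/bin/game_server")      # constructed trusted program
    fw.on_listen("/usr/bin/game_server", 27015)    # registered: program is listed
    fw.on_listen("/tmp/unknown_listener", 4444)    # not registered: program unlisted
    return [fw.filter_inbound(p) for p in (27015, 4444, 8080)]


def stale_port_demo() -> str:
    """A port registered by a trusted program is later reused by an unlisted one."""
    fw = FlexibleFirewall()
    fw.permit_program("/usr/bin/game_server")
    fw.on_listen("/usr/bin/game_server", 5000)
    fw.on_listen("/tmp/unknown_listener", 5000)
    return fw.filter_inbound(5000)


if __name__ == "__main__":
    print(run_demo(), stale_port_demo())
```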